Copyright 2012 Trend Micro Inc. Copyright 2012 Trend Micro Inc. Raimund Genes, CTO Innovation In Cloud Security
Feb 22, 2016
Copyright 2012 Trend Micro Inc.Copyright 2012 Trend Micro Inc.
Raimund Genes, CTO
Innovation In Cloud Security
Copyright 2012 Trend Micro Inc.
Copyright 2012 Trend Micro Inc.
Overwhelmed by Volume of New Threats
Source: AV-Test.org
2000 2001 2002 2003 2004 2005 2006 2007 2008 2009 20100
2,000,000
4,000,000
6,000,000
8,000,000
10,000,000
12,000,000
14,000,000
16,000,000
18,000,000
20,000,000
New unique samples added to AV-Test's malware repository (2000-2010)
DecNovOctSepAugJulJunMayAprMarFebJan
Copyright 2012 Trend Micro Inc.
FileWeb
Copyright 2012 Trend Micro Inc.
Smart Protection Network
File
Web / URL
Domain
IP
File Reputation Service
Email Reputation Service
Custom
er
Sm
art Protection
Community Intelligence(Feedback loop)
Web Reputation Service
Sourcing Processing& Analysis
Validate & Create Solution
Quality Assurance
Solution Distribution
Solution Adoption
SPN Correlation
Copyright 2012 Trend Micro Inc.
Copyright 2012 Trend Micro Inc.
Correlation
A compromised web siteOne click in a link.Fake news by email.
TROJ_CHOST.E
A fake video
A lot
can
happen
in a
minute
EMAILREPUTATION
WEBREPUTATION
FILEREPUTATION
Copyright 2012 Trend Micro Inc.
Backend Operations
Data Feeds Correlation
Systems
Monitor & Trigger
Copyright 2012 Trend Micro Inc.
Big Data!
Copyright 2012 Trend Micro Inc.
DataIn-the-CloudComputation
In-the-CloudSolution
ERS
Smart Protection Network
Spam Samples
101011101011101011101010101010101101011010100101
Feedback Data
Query Logs
Storage ClustersVM Clusters
Reputation Data
New Threat Discovery
Email Reputation
Copyright 2012 Trend Micro Inc.
ERS
SPN Infrastructure Reputation Servers
ReputationData
Query Logs
Smart Protection Network
11011010
11
00101010
01110010
11
10010101
1010
101001
010100
110101
010101
010100
110101
011010
101010
101011
101010
101010
101101
FeedbackData
Costumers
Honeypot
SpamSamples
Pattern
Query
50M/day
200M/day
1TB/day
Email Reputation
Copyright 2012 Trend Micro Inc.
Daily Service Capacity
Solution DeliveryData AnalyticsData Sourcing
50M Spam samples
180,000 Suspicious IPs
806TB Raw data
8,050 Signatures
668,000 Cloud entries
130,000 New IP listing
1B IP address reputation
278GB Sampling pool200M User’s feedback
1TB Mail traffic logs
Email Reputation
Copyright 2012 Trend Micro Inc.
Web Reputation
Copyright 2012 Trend Micro Inc.
Web Reputation Statistics
Dat
a S
ourc
ing■ 42 Sources
(16-19 in Regularity)■ 11,000 Unique Feedbacks■ 8~10 Billion URL Queries
Dat
a A
naly
ses■ 1 Billion
URLs Analyzed■ 7.2 TB raw and condensed data for correlations and mining
Sol
utio
n D
eliv
ery■ 52,580,000
static patterns■ 20,000 new patterns
■ 15~20 million infections blocked
Copyright 2012 Trend Micro Inc.
File Reputation
Copyright 2012 Trend Micro Inc.
Copyright 2012 Trend Micro Inc.
+ GRID and MARS
Goodware Ressource and Information Database
Mobile Application Reputation Service
Copyright 2012 Trend Micro Inc.
GRID
Copyright 2012 Trend Micro Inc.
Copyright 2012 Trend Micro Inc.
How and when to retire Data?
Copyright 2012 Trend Micro Inc.